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AMENDMENTS TO THE CLAIMS 

Please amend the claims as follows. 

1 . (Currently Amended) A method of controlling access to resources, said method comprising: 

receiving, by a server, a first request for a resource, said first request comprising a first 
requestor identifying information, wherein said first requestor identifying 
information identifies a first requestor; 

referring, by said server, said first request to a remote source, wherein said remote source 
evaluates said first request in response to said referring to generate a first policy 
decision, wherein said first policy decision is based on a policy definition governing 
access to said resource and based on said first requestor identify information; 

receiving, by said server, said first policy decision from said remote source, wherein said 
first policy decision is for said first requestor; 

storing said first policy decision for said resource in local memory, wherein said local 
memory further comprises a second policy decision, wherein said second policy 
decision is based on a second requestor identifying information, and wherein said 
second policy decision is for a second requestor identified by said second requestor 
identifying information; 

receiving , subsequent to said first request, a second request for access to said resource, said 
second request comprising said first requestor identifying information; 

evaluating said second request using said first policy decision in said local memory; 

receiving a notification from said remote source of a change in said policy definition, said 
notification identifying said first policy decision; 

invalidating marking said first policy decision based on said notificatio n, wherein said 
marking identifies that an updated policy decision must be requested when a 
subsequent request from said first requestor is received for said resource ; 

receiving , subsequent to said second request, a third request for access to said resource, said 
third request comprising said second requestor identifying information, wherein said 
second requestor identifying information identifies said second requestor; 
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evaluating said third request using said second policy decision in said local memory based 
on said second policy decision being unmarked , wherein said first policy decision is 
invalidated marked and said second policy decision is unmarked valid in local 
memory when said third request is evaluated; 

receiving, by said server and subsequent to said third request , a fourth request for said 
resource after said third request is received, said fourth request comprising said first 
requestor identifying information, wherein said fourth requestor identifying 
information identifies said first requestor; 

identifying, by said server in response to said fourth request, said first policy decision as 
invalid marked ; 

referring, by said server, said fourth request to said remote source based on said first policy 
decision being marked when the first policy decision is idontifiod as invalid , wherein 
said remote source evaluates said fourth request in response to said referring to 
generate a third policy decision; 

receiving, by said server, said third policy decision from said remote source; and 

evaluating said fourth request based on said third policy decision. 

2. (Currently Amended) The method of Claim 1 wherein said resource is affiliated with another 
resource, and wherein further a fourth policy decision for said other resource is received from 
said remote source and stored in said local memory. 

3. (Cancelled) 

4. (Cancelled) 

5. (Cancelled) 

6. (Cancelled) 

7. (Cancelled) 
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8. (Currently Amended) The method of Claim 1 wherein a period of time said first policy decision 
is valid is also received from said remote source and stored locally. 

9. (Currently Amended) The method of Claim 1 wherein a condition associated with said first 
policy definition is also received from said remote source and stored locally, wherein said 
condition is enforced locally. 

10. (Currently Amended) A method of controlling access to resources, said method comprising: 

receiving, by a server, a first request for access to a first resource, said first request 
comprising a first requestor identifying information, wherein said first requestor 
identifying information identifies a first requestor; 

referring, by said server, said first request to a remote source, wherein said remote source 
evaluates said first request in response to said referring to generate a first policy 
decision, wherein said first policy decision is based on a policy definition governing 
access to said first resource and based on said first requestor identify information; 

receiving, by said server, from said remote source said first policy decision for said first 
resource, wherein said first policy decision is for said first requestor; 

storing said first policy decision in local memory, wherein said local memory further 
comprises a second policy decision, wherein said second policy decision is based on 
a second requestor identifying information, and wherein said second policy decision 
is for a second requestor; 

receiving a second request for access to said first resource, said second request comprising 
said first requestor identifying information; 

evaluating said second request using said first policy decision in said local memory; 

receiving a notification from said remote source of a change in said policy definition, said 
notification identifying said first resource; [[and]] 

invalidating marking said first policy decision based on said notification and said first policy 
decision associated with said first resource , wherein said marking identifies that an 
updated policy decision must be requested when a subsequent request from said first 
requestor is received for said first resource ; 
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receiving a third request for access to said first resource, said third request comprising said 
second requestor identifying information, wherein said second requestor identifying 
information identifies said second requestor; 

evaluating said third request using said second policy decision in said local memory based 
on said second policy decision being unmarked , wherein said first policy decision is 
invalidated marked and said second policy decision is unmarked valid in local 
memory when said third request is evaluated; 

receiving, by said server, a fourth request for said first resource after said third request is 
received, said fourth request comprising said first requestor identifying information, 
wherein said fourth requestor identifying information identifies said first requestor; 

identifying, by said server in response to said fourth request, said first policy decision as 
invaM unmarked ; 

referring, by said server, said fourth request to said remote source based on said first policy 
decision being marked when the first policy decision is identified as invalid , wherein 
said remote source evaluates said fourth request in response to said referring to 
generate a third policy decision; 

receiving, by said server, said third policy decision from said remote source; and 

evaluating said fourth request based on said third policy decision. 

11. (Currently Amended) The method of Claim 10 wherein said first resource is affiliated with 
another resource, wherein a fourth policy decision for said other resource is received from said 
remote source and stored in said local memory. 

12. (Cancelled) 

13. (Cancelled) 

14. (Cancelled) 

15. (Cancelled) 

16. (Cancelled) 
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17. (Previously Presented) The method of Claim 10 further comprising: 

receiving information that identifies a period of time said first policy decision is valid. 

18. (Currently Amended) The method of Claim 10 further comprising: 

receiving from said remote source a condition associated with said first policy definition, 
wherein said condition is enforced locally. 

19. (Currently Amended) A computer-usable medium having computer-readable program code 
embodied therein for causing a computer system to perform a method of controlling access to 
resources, said method comprising: 

receiving, by a server, a first request for a first resource, said first request comprising a first 
requestor identifying information, wherein said first requestor identifying 
information identifies a first requestor; 

referring, by said server, said first request to a remote source, wherein said remote source 
evaluates said first request in response to said referring to generate a first policy 
decision, wherein said first policy decision is based on a policy definition governing 
access to said first resource and based on said first requestor identify information; 

receiving, by said server, said first policy decision from said remote source, wherein said 
first policy decision is for said first requestor; 

storing in local memory said first policy decision for said first resource, wherein said local 
memory further comprises a second policy decision, wherein said second policy 
decision is based on a second requestor identifying information, and wherein said 
second policy decision is for a second requestor; 

receiving , subsequent to said first request, a second request for access to said first resource, 
said second request comprising said first requestor identifying information; 

evaluating said second request using said first policy decision stored in said local memory; 

receiving a notification from said remote source of a change in said policy definition, said 
notification identifying said first policy decision; 
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invalidating marking said first policy decision based on said notificatio n, wherein said 
marking identifies that an updated policy decision must be requested when a 
subsequent request from said first requestor is received for said first resource ; 

receiving , subsequent to said second request, a third request for access to said first resource, 
said third request comprising said second requestor identifying information, wherein 
said second requestor identifying information identifies said second requestor; 

evaluating said third request using said second policy decision in said local memory based 
on said second policy decision being unmarked , wherein said first policy decision is 
invalidated marked and said second policy decision is unmarked valid in local 
memory when said third request is evaluated; 

receiving, by said server and subsequent to said third request , a fourth request for said first 
resource after said third request is received, said fourth request comprising said first 
requestor identifying information, wherein said fourth requestor identifying 
information identifies said first requestor; 

identifying, by said server in response to said fourth request, said first policy decision as 
invalid marked ; 

referring, by said server, said fourth request to said remote source based on said first policy 
decision being marked when said first policy decision is identified as invalid , 
wherein said remote source evaluates said fourth request in response to said referring 
to generate a third policy decision; 

receiving, by said server, said third policy decision from said remote source; and 

evaluating said fourth request based on said third policy decision. 

20. (Currently Amended) The computer-usable medium of Claim 19 wherein said first resource is 
affiliated with another resource, wherein a fourth policy decision for said other resource is 
received from said remote source and stored in said local memory. 

21. (Cancelled) 

22. (Cancelled) 
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23. (Previously Presented) The computer-usable medium of Claim 19 wherein a period of time said 
first policy decision is valid is also received from said remote source and stored locally. 

24. (Currently Amended) The computer-usable medium of Claim 19 wherein a condition associated 
with said first policy definition is also received from said remote source and stored locally, 
wherein said condition is enforced locally. 

25-32. (Cancelled) 
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